I am trying to setup OPT1 as a 2ndary LAN for my wireless router, but it seems that it won’t get an IP address. I setup and enabled OPT1 in interfaces to get IP via DHCP on the subnet 192.168.160.1/24 (just my preference, don’t ask). The router WAN light is red, as it doesn’t find any network connection (obviously, in pfSense in DHCP leases there is only 1 IP for my LAN PC, but none for OPT1). After I set OPT1 to get Static IPv4 and gave it 160.10 manual IP in the router interface, it would show a connection to the internet (green WAN light), but devices hidden behind the wifi router NAT didn’t have internet connection and couldn’t ping anything except the wireless router, not even the pfSense box. The wireless router is set almost with stock settings after a factory reset (except admin pass and wlan conf). I set it back to DHCP.
Under firewall rules in pfSense, I copied default allow all rules from LAN to OPT1, still no internet access. Any idea what to configure next? (btw, I’m tired, so I’ll go to sleep, so sorry in advance for late replies). Also, I would prefer OPT1 to actually be part of LAN, should I set both LAN and OPT1 (port 1 and 2 on my pfSense) in a single vLAN or something? (I’m new to vLANs as well, so bear with me). Did try to put both ports under a vLAN and failed miserably and couldn’t get IP on my LAN anymore, so I had to enter console shell on router and reconfigure port 1 as LAN, instead of the vLAN.
Post a screenshot of your firewall rules. Make sure lan and opt1 are on different subnets. If you’re using a router as an access point then don’t use the wan port, just connect pfsense to one of the lan ports and make sure dhcp is disabled on the router and that the router’s lan ip is in the opt1 subnet.
You shouldn’t be using VLANs for this. VLANs are for having multiple logical networks on the same physical hardware, you have two physical networks.
Here are my firewall rules and every relevant information from my router I could think of (LAN is currently on subnet 192.168.10.1/24 and OPT1 is on 192.168.160.1/24 ). I would like to have both of them on the same network (10.1/24). Firewall rules are pretty much set to Allow All (as far as I can tell).
My wifi router (Zyxel vmg8324-b10a) doesn’t have AP mode, only bridge mode, which wasn’t really working. I mean, I tried it in bridge mode and set the WAN port as a 5th LAN port and even in a normal LAN port, it didn’t work correctly. Now I only want it to function as a dumb router and only get wifi access from it. Any wireless device will be behind it’s own NAT and DHCP, I don’t care anymore as long as it works. In bridge mode it worked as a switch pretty well, but I needed the WiFi, which the devices could connect to, but were getting dropped out instantly (tried with my Android phones). And yes, pfSense gave them IP before (I could see them in DHCP leases), but they would auto-disconnect, so I factory reset the router.
In the interface settings for opt1 you need to set an ip. Set ipv4 configuration type to static IP and set the IP to 192.168.160.1/24. At the bottom of that page make sure you don’t check the two boxes for blocking bogon networks and private addresses, you only want those checked on WAN.
If you want them on the same network then drop the opt interface and just connect LAN to the router. You could also bridge the ports but you’re better off using a single interface and a switch.
Ok, I set it to static IP (and didn’t check blocking on LANs and I had them checked on WAN). Still, the Zyxel router doesn’t get IP, unless I don’t set it manually in its interface. I’ll try to set it manually in the zyxel web interface and report back.
The Zyxel vmg8324-b10a is a router, it won’t pick up a DHCP address unless it is on the WAN (or another modem interface) interface.
With which you’d have to do this under the Network Settings -> Broadband and fool it into using one of the Fibre profiles (most likely).
As a side note, the bridge mode on this is for acting as a transparent modem (aka it doesn’t grab a WAN IP) between an ADSL or VDSL connection and another router connected on a LAN port, passing the WAN IP to the connected device instead.
What you want to do to get this to function as a Wireless AP is delete all the profiles in the Broadband configuration. In the LAN settings,
give it a Static IP (outside of the DHCP range), disable DHCP on it and setup the wireless as desired.
On the pfsense box you will then want to configure DHCP for the OPT1 interface you have setup so that it will serve IP address to any devices connecting on the Zyxel. (make sure the range doesn’t overlap the IP you configured the Zyxel to)
Set OPT1 to DHCP, subnet 192.168.160.1/25 and the Zyxel’s IP in LAN as 192.168.160.253 with subnet mask 255.255.255.128 (I have no idea what I’m doing and I don’t think that’s a correct subnet mask for the Zyxel). All profiles in broadband configuration are deleted. Zyxel is connected to pfSense via LAN now. I got my PC hooked up to Zyxel 2nd port and it doesn’t get an IP address.
After setting the new IP in Zyxel LAN, i can’t connect anymore to Zyxel web interface neither via 160.253, nor 1.1 (its default IP addr), until I reset it again to factory settings (I think I did this 8 times only today).
Sorry for being a total noob and wasting you time. Now, what do?
Tried that before I went with @zanginator 's configuration. I did set OPT1 as static ipv4 and set 192.168.160.1/24, but zyxel wouldn’t get any ip. After giving it a manual IP in web interface, it would say “connected to internet”, but I couldn’t even ping google or 8.8.8.8 from my PC hooked up to it.
I don’t see the point in connecting the wan interface of the router to opt1, just set the router’s lan address manually to something in the opt1 subnet and connect pfsense to one of the lan ports. Make sure you disable the dhcp server on the router first.
I don’t want to create another useless discussion, so I’ll keep posting here.
Ok guys, I found something after a week of ignoring the problem. It seems like any OPT I’m trying to setup on my quad port HP NC365T, nothing seems to get any IP address, not even my PC that works on my LAN single port Intel WGI210AT, even with the same config (just different IP) and firewall rules. It doesn’t seem to be a hardware problem, as the HP card is detected correctly and I can setup LAN on its ports perfectly fine (and it works). It seems that OPT doesn’t work (or rather I’m too stupid to set it up).
I tested my Zyxel router using my ISP’s huawei ONT-router combo and it worked almost flawless with @zanginator’s explanation, the only thing that doesn’t work is the webUI of the Zyxel, but wifi and LAN work perfectly and I don’t need to access the webUI after my initial config, so that’s fine with me - it could be because my ISP’s router gives .100.1/24 and in LAN static IP on the Zyxel I have it .160.2/24.
As you can probably tell, my WAN is the integrated realtek port re0, my PC is connected to LAN igb0 (the single port card yellow connector), my Zyxel is connected to OPT1 igb1 (shown as disconnected in putty) and nothing connected to igb2, although it is configured and enabled in pfSense (will disabled it soon). Any ideas what could cause OPT to not work?
I’m not using the WAN on my router, the igb1 port is connected to my Zyxel via LAN port and DHCP is disabled on Zyxel.
delete all the profiles in the Broadband configuration. In the LAN settings,
give it a Static IP (outside of the DHCP range), disable DHCP on it and setup the wireless as desired.
On the pfsense box you will then want to configure DHCP for the OPT1 interface you have setup so that it will serve IP address to any devices connecting on the Zyxel.
Zanginator is right about this setup, but there is a problem with any OPT settings I try. As I mentioned, after I configured an OPT with the same settings as LAN (static IP and all), it didn't work for my PC which I know it works with same settings on LAN. Also, as DHCP is disabled on Zyxel and I'm not using WAN port, it makes sense to enable DHCP on OPT1 in pfSense.
You want to enable the DHCP server on OPT1 but you don’t want the OPT1 interface to get it’s IP from DHCP, you want to set that to static, otherwise the DHCP server (running on the OPT1 interface) doesn’t have an IP address.
Not sure that we understand each other…
…as I mentioned, Zyxel is not connected via WAN, but via LAN (>pic related) and all broadband settings are deleted (no WAN settings). In zyxel LAN, it has a manual IP set to 192.168.160.2 with subnet mask 255.255.255.0. On the other side of the cable, meaning inside pfSense, it has DHCP set with subnet 192.168.160.1/24.
I’m not talking about the zyxel, I’m talking about the OPT1 interface on pfsense. You currently have the interface ipv4 configuration set to DHCP, it should be static, and then you need to enable the DHCP server on the OPT1 interface.
